<?php

namespace app\modules\adminapi\controllers;

use yii\filters\auth\CompositeAuth;
use yii\filters\auth\HttpBearerAuth;
use yii\rest\Controller;

class BaseController extends Controller
{
    public function behaviors()
    {
        return array_merge(parent::behaviors(), [
            'authenticator'=>[
                'class'=>CompositeAuth::className(),
                'authMethods' => [
                    HttpBearerAuth::className()
                ],
            ],
        ]); // TODO: Change the autogenerated stub
    }

    public function checkAccess($action, $model = null, $params = [])
    {
//        $oauthUser = $request->getOAuthUser();
//        $module = app()->http->getName();
//        $controller = $request->controller();
//        $action = $request->action();
//        if (!Enforcer::enforce('admin:' . $oauthUser->id, $module, $controller, $action)) {
//            throw new \yii\web\ForbiddenHttpException(sprintf('You can only %s articles that you\'ve created.', $action));
//        }
    }
}
